CWE-476— NULL Pointer Dereference
4,740 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-476page 38 of 95
- CVE-2022-47021HIGHCVSS 7.8EG 7.82023-01-20
A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts.
- CVE-2022-47022MEDIUMCVSS 4.7EG 9.82023-08-22
An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c.
- CVE-2022-47024HIGHCVSS 7.8EG 7.82023-01-20
A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts.
- CVE-2022-47094HIGHCVSS 7.8EG 7.82023-01-05
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid
- CVE-2022-47359MEDIUMCVSS 5.5EG 5.52023-02-12
In log service, there is a missing permission check. This could lead to local denial of service in log service.
- CVE-2022-47360MEDIUMCVSS 5.5EG 5.52023-02-12
In log service, there is a missing permission check. This could lead to local denial of service in log service.
- CVE-2022-47465MEDIUMCVSS 5.5EG 5.52023-04-11
In vdsp service, there is a missing permission check. This could lead to local denial of service in vdsp service.
- CVE-2022-47466MEDIUMCVSS 5.5EG 5.52023-04-11
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
- CVE-2022-47467MEDIUMCVSS 5.5EG 5.52023-04-11
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
- CVE-2022-47468MEDIUMCVSS 5.5EG 5.52023-04-11
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
- CVE-2022-47929MEDIUMCVSS 5.5EG 5.52023-01-17
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc…
- CVE-2022-48231MEDIUMCVSS 5.5EG 5.52023-05-09
In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
- CVE-2022-48241MEDIUMCVSS 5.5EG 5.52023-05-09
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
- CVE-2022-4842MEDIUMCVSS 5.5EG 5.52023-01-12
A flaw NULL Pointer Dereference in the Linux kernel NTFS3 driver function attr_punch_hole() was found. A local user could use this flaw to crash the system.
- CVE-2022-4843HIGHCVSS 7.5EG 7.52022-12-29
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2.
- CVE-2022-48442MEDIUMCVSS 5.5EG 5.52023-06-06
In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
- CVE-2022-48443MEDIUMCVSS 5.5EG 5.52023-06-06
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
- CVE-2022-48444MEDIUMCVSS 5.5EG 5.52023-06-06
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
- CVE-2022-48445MEDIUMCVSS 5.5EG 5.52023-06-06
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
- CVE-2022-48509MEDIUMCVSS 5.9EG 5.92023-07-06
Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally.
- CVE-2022-48606HIGHCVSS 7.5EG 7.52023-09-27
Stability-related vulnerability in the binder background management and control module. Successful exploitation of this vulnerability may affect availability.
- CVE-2022-48636MEDIUMCVSS 5.5EG 5.52024-04-28
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup Fix Oops in dasd_alias_get_start_dev() function caused by the pavgroup pointer being NULL. The p…
- CVE-2022-48640MEDIUMCVSS 5.5EG 5.52024-04-28
In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bond_rr_gen_slave_id Fix a NULL dereference of the struct bonding.rr_tx_counter member because if a bond is initially created with an initial …
- CVE-2022-48644MEDIUMCVSS 5.5EG 5.52024-04-28
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: avoid disabling offload when it was never enabled In an incredibly strange API design decision, qdisc->destroy() gets called even if qdisc->init() nev…
- CVE-2022-48646MEDIUMCVSS 6.2EG 6.22024-04-28
In the Linux kernel, the following vulnerability has been resolved: sfc/siena: fix null pointer dereference in efx_hard_start_xmit Like in previous patch for sfc, prevent potential (but unlikely) NULL pointer dereference.
- CVE-2022-48647MEDIUMCVSS 5.5EG 5.52024-04-28
In the Linux kernel, the following vulnerability has been resolved: sfc: fix TX channel offset when using legacy interrupts In legacy interrupt mode the tx_channel_offset was hardcoded to 1, but that's not correct if efx_sepparate_tx_cha…
- CVE-2022-48648MEDIUMCVSS 5.5EG 5.52024-04-28
In the Linux kernel, the following vulnerability has been resolved: sfc: fix null pointer dereference in efx_hard_start_xmit Trying to get the channel from the tx_queue variable here is wrong because we can only be here if tx_queue is NU…
- CVE-2022-48652MEDIUMCVSS 5.5EG 5.52024-04-28
In the Linux kernel, the following vulnerability has been resolved: ice: Fix crash by keep old cfg when update TCs more than queues There are problems if allocated queues less than Traffic Classes. Commit a632b2a4c920 ("ice: ethtool: Pr…
- CVE-2022-48663MEDIUMCVSS 5.5EG 5.52024-04-28
In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: fix NULL pointer dereference when removing debugfs We now remove the device's debugfs entries when unbinding the driver. This now causes a NULL-pointer der…
- CVE-2022-48688MEDIUMCVSS 5.5EG 5.52024-05-03
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do et…
- CVE-2022-48692MEDIUMCVSS 5.5EG 5.52024-05-03
In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Set scmnd->result only when scmnd is not NULL This change fixes the following kernel NULL pointer dereference which is reproduced by blktests srp/007 occasiona…
- CVE-2022-48703MEDIUMCVSS 5.5EG 5.52024-05-03
In the Linux kernel, the following vulnerability has been resolved: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR In some case, the GDDV returns a package with a buffer which has zero length. It causes that k…
- CVE-2022-48707MEDIUMCVSS 5.5EG 5.52024-05-21
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root por…
- CVE-2022-48708MEDIUMCVSS 5.5EG 5.52024-05-21
In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference Added checking of pointer "function" in pcs_set_mux(). pinmux_generic_get_function() can return NULL and the pointer "fun…
- CVE-2022-48710MEDIUMCVSS 5.5EG 5.52024-05-21
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix a possible null pointer dereference In radeon_fp_native_mode(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL p…
- CVE-2022-48713MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/pt: Fix crash with stop filters in single-range mode Add a check for !buf->single before calling pt_buffer_region_size in a place where a missing check ca…
- CVE-2022-48718MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should not ever dereference the NULL pointer which drm_atomic_get_new_bridge_state is allowed to return. Assume a fixed fo…
- CVE-2022-48728MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix AIP early init panic An early failure in hfi1_ipoib_setup_rn() can lead to the following panic: BUG: unable to handle kernel NULL pointer dereference at …
- CVE-2022-48735HIGHCVSS 7.8EG 7.82024-06-20
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix UAF of leds class devs at unbinding The LED class devices that are created by HD-audio codec drivers are registered via devm_led_classdev_register() and a…
- CVE-2022-48741MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: ovl: fix NULL pointer dereference in copy up warning This patch is fixing a NULL pointer dereference to get a recently introduced warning message working.
- CVE-2022-48746MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond netevent handler only check if the handled netdev is VF representor and it m…
- CVE-2022-48749MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc The function performs a check on the "ctx" input parameter, however, it is used before the check. Initialize …
- CVE-2022-48750MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775) Fix crash in clear_caseopen Paweł Marciniak reports the following crash, observed when clearing the chassis intrusion alarm. BUG: kernel NULL pointer …
- CVE-2022-48751MEDIUMCVSS 4.7EG 4.72024-06-20
In the Linux kernel, the following vulnerability has been resolved: net/smc: Transitional solution for clcsock race issue We encountered a crash in smc_setsockopt() and it is caused by accessing smc->clcsock after clcsock was released. …
- CVE-2022-48756MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable The function performs a check on the "phy" input parameter, however, it is used before the check. Initialize …
- CVE-2022-48762MEDIUMCVSS 6.2EG 6.22024-06-20
In the Linux kernel, the following vulnerability has been resolved: arm64: extable: fix load_unaligned_zeropad() reg indices In ex_handler_load_unaligned_zeropad() we erroneously extract the data and addr register indices from ex->type r…
- CVE-2022-48770MEDIUMCVSS 5.5EG 5.52024-06-20
In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack() task_pt_regs() can return NULL on powerpc for kernel threads. This is then used in __bpf_get_stack() to…
- CVE-2022-48772MEDIUMCVSS 5.5EG 5.52024-06-25
In the Linux kernel, the following vulnerability has been resolved: media: lgdt3306a: Add a check against null-pointer-def The driver should check whether the client provides the platform_data. The following log reveals it: [ 29.6103…
- CVE-2022-48773MEDIUMCVSS 5.5EG 5.52024-07-16
In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create If there are failures then we must not leave the non-NULL pointers with the error value, otherwise `rpcr…
- CVE-2022-48777MEDIUMCVSS 5.5EG 5.52024-07-16
In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix kernel panic on skipped partition In the event of a skipped partition (case when the entry name is empty) the kernel panics in the cleanup functi…
Map vulnerabilities like CWE-476 to your infrastructure
EchelonGraph correlates every CVE — across CWE-476 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →